May 2024
Intermediate to advanced
672 pages
22h 23m
English
Content preview from The Cybersecurity Guide to Governance, Risk, and Compliance
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
CHAPTER 10Risk Assessments
“Cyber risk assessments are the Sherlock Holmes of the digital world, helping us uncover hidden vulnerabilities and thwart cyber villains before they strike.”
Risk assessments are a key building block in establishing a strong cybersecurity program. Risk assessments' function, application, and significance in cybersecurity must be understood thoroughly. This involves grasping basic concepts and types of risk assessments and the varied regulatory perspectives on them. Valuable insights can be gleaned from exploring the viewpoints of the Federal Financial Institutions Examination Council (FFIEC), the National Institute of Standards and Technology (NIST), and third‐party frameworks like Factor Analysis of Information Risk (FAIR), Risk IT, and Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE). Practical advice on performing a cybersecurity risk assessment, handling risks related to third parties, and tackling common challenges in risk assessments is essential. Given the ever‐evolving cybersecurity landscape, risk assessments' critical role and future implications should not be underestimated.
THE IMPORTANCE OF RISK ASSESSMENTS
Risk assessment is a fundamental process that helps organizations identify, analyze, and evaluate risks affecting their critical functions and information. It is a proactive approach that acts as the first line of defense against cyber threats, allowing organizations to anticipate and mitigate risks ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.